2023 to 2024 Report on key compliance attributes of the internal audit function at Environment and Climate Change Canada

List of acronyms and abbreviations
CIA
Certified Internal Auditor
CISA
Certified Information Systems Auditor
CGAP
Certified Government Auditing Professional
CPA
Chartered Professional Accountant
ECCC
Environment and Climate Change Canada
FY
Fiscal year
IIA
Institute of Internal Auditors
MAP
Management action plan
OCG
Office of the Comptroller General of Canada
QAIP
Quality assurance and improvement program
RBAP
Risk-based audit plan

Introduction

The Treasury Board Directive on Internal Audit requires that departments with an internal audit function publish departmental internal audit performance results in the form of key compliance attributes. The objective of publishing these results is to provide pertinent information to stakeholders, such as Canadians and parliamentarians, on the professionalism, performance and impact of the internal audit function in departments. As well, it is important that the public be aware that heads of government organizations are receiving independent assurance and that departmental activities are managed in a way that demonstrates responsible stewardship.

This report presents the state of compliance in fiscal year (FY) 2023 to 2024 of the internal audit function at Environment and Climate Change Canada (ECCC) on attributes determined by the Office of the Comptroller General of Canada (OCG). These attributes address questions that stakeholders may have related to the sound management and the oversight of public resources.

Key compliance attributes

The internal audit function at ECCC was assessed on the following 4 key compliance attributes:

Professional designations and training

Questions that stakeholders may have about oversight of public resources:
Do internal auditors in departments have the training required to do the job effectively? Are multidisciplinary teams in place to address diverse risks?

Key compliance attribute Result
1(a) % of staff with an internal audit or accounting designation (Certified Internal Auditor (CIA), Chartered Professional Accountant (CPA)) 58%
1(b) % of staff with an internal audit or accounting designation (CIA, CPA) in progress 42%
1(c) % of staff holding other professional designations (CGAP, CISA, etc.) 50%

Conformance with international standards

Questions that stakeholders may have about oversight of public resources:
Is internal audit work performed in conformance with the international standards for the profession of internal audit as required by Treasury Board policy?

Key compliance attribute Result
2(a) Date of last comprehensive briefing to the Departmental Audit Committee on the internal processes, tools, and information considered necessary to evaluate conformance with the Institute of Internal Auditors’ (IIA) Code of Ethics and the Standards and the results of the quality assurance and improvement program (QAIP) June 19, 2023
2(b) Date of last external assessment March 28, 2024

Implementation of the risk-based audit plan

Questions that stakeholders may have about oversight of public resources:
Are the risk-based audit plans (RBAPs) submitted to audit committees and approved by deputy heads implemented as planned with resulting reports published? Is management acting on audit recommendations for improvements to departmental processes?

Key compliance attribute Result

3. RBAPs and related information:

(a) name of engagement for the current fiscal year of the RBAP

(b) status of engagement for the current fiscal year of the RBAP

(c) date the engagement report was approved

(d) date the engagement report was published

(e) original planned date for completion of all management action plan (MAP) items

(f) status of MAP items

See Table 1 for details.

Table 1. Status of completed internal audits with an outstanding management action plan, as well as internal audits in progress and planned for tabling in fiscal year 2024 to 2025
# Engagement title Engagement status Report approved date Report published date Original planned MAP completion date MAP implementation statusFootnote 1 
1 Audit of the classification function at ECCC Published – MAP not fully implemented May 2, 2022 October 31, 2022 March 3, 2024 86%
2 Review of the ECCC Respect Bureau (Joint audit and evaluation engagement) Published – MAP not fully implemented January 20, 2023 July 28, 2023 June 30, 2024 20%
3 Audit of the administration of the Public Inquiries Centre at ECCC Published – MAP not fully implemented April 14, 2023 August 8, 2023 November 30, 2024 57%
4 Management Practices Review of the Public Affairs and Communications Branch Published – MAP not fully implemented May 8, 2023 August 30, 2023 March 31, 2024 14%
5 Audit of ECCC risk management practices Published – MAP not fully implemented June 26, 2023 November 10, 2023 April 30, 2024 0%
6 Comparative analysis of ECCC indigenous community engagement processes Approved – Not published January 18, 2024 N/A N/A N/A
7 Internal audit of the system of internal controls over financial reporting Published – MAP not fully implemented April 11, 2024 June 26, 2024 December 31, 2024 0%
8 Audit of the administration of grants and contributions programs at ECCC Approved – Not published June 28, 2024 In progress March 31, 2027 0%
9 Audit of cyber security at ECCC In progress N/A N/A N/A N/A
10 Review of the implementation of ECCC’s Diversity, Inclusion and Employment Equity Plan - Progress to date In progress N/A N/A N/A N/A
11 Review of the use of scientific advice in support of policy development and decision making In progress N/A N/A N/A N/A
12 Audit of IM/IT governance Planned N/A N/A N/A N/A

Credibility and adding value

Questions that stakeholders may have about oversight of public resources:
Is internal audit credible and adding value in support of the mandate and strategic objectives of the organization?

Key compliance attribute Result
4. Average overall usefulness rating of areas audited Good

Page details

Date modified: